Bug 1429034: Add WasmAtomicExchangeHeap to GetObject for alias analysis; r?lth
MozReview-Commit-ID: 6zVtGJJLUjU
--- a/js/src/jit-test/tests/wasm/atomic.js
+++ b/js/src/jit-test/tests/wasm/atomic.js
@@ -565,8 +565,21 @@ assertErrorMessage(() => wasmEvalText(`(
// Minimum run-time alignment for WAKE is 4
for (let addr of [1,2,3,5,6,7]) {
assertErrorMessage(() => wasmEvalText(`(module (memory 1 1 shared)
(func (export "f") (param i32) (result i32)
(atomic.wake (get_local 0) (i32.const 1))))`).exports.f(addr),
RuntimeError, unaligned);
}
+
+// Ensure alias analysis works even if atomic and non-atomic accesses are
+// mixed.
+assertErrorMessage(() => wasmEvalText(`(module
+ (memory 0 1 shared)
+ (func (export "main")
+ i32.const 1
+ i32.const 2816
+ i32.atomic.rmw16_u.xchg align=2
+ i32.load16_s offset=83 align=1
+ drop
+ )
+)`).exports.main(), RuntimeError, unaligned);
--- a/js/src/jit/AliasAnalysisShared.cpp
+++ b/js/src/jit/AliasAnalysisShared.cpp
@@ -139,16 +139,17 @@ GetObject(const MDefinition* ins)
case MDefinition::Opcode::AtomicTypedArrayElementBinop:
case MDefinition::Opcode::AsmJSLoadHeap:
case MDefinition::Opcode::AsmJSStoreHeap:
case MDefinition::Opcode::WasmLoadTls:
case MDefinition::Opcode::WasmLoad:
case MDefinition::Opcode::WasmStore:
case MDefinition::Opcode::WasmCompareExchangeHeap:
case MDefinition::Opcode::WasmAtomicBinopHeap:
+ case MDefinition::Opcode::WasmAtomicExchangeHeap:
case MDefinition::Opcode::WasmLoadGlobalVar:
case MDefinition::Opcode::WasmStoreGlobalVar:
case MDefinition::Opcode::ArrayJoin:
return nullptr;
default:
#ifdef DEBUG
// Crash when the default aliasSet is overriden, but when not added in the list above.
if (!ins->getAliasSet().isStore() || ins->getAliasSet().flags() != AliasSet::Flag::Any)